Module: wine Branch: master Commit: cbddd3930b4b186c7f0034e67abfbfcf18f423b1 URL: https://gitlab.winehq.org/wine/wine/-/commit/cbddd3930b4b186c7f0034e67abfbfc...

Author: Alistair Leslie-Hughes leslie_alistair@hotmail.com Date: Tue Jan 31 12:37:09 2023 +1100

secur32: QueryContextAttributesW check for valid object before use.

---

dlls/secur32/schannel.c | 4 ++-- dlls/secur32/tests/schannel.c | 4 ++++ 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/dlls/secur32/schannel.c b/dlls/secur32/schannel.c index 6b5df3520a7..6b4be497f30 100644 --- a/dlls/secur32/schannel.c +++ b/dlls/secur32/schannel.c @@ -1149,8 +1149,8 @@ static SECURITY_STATUS SEC_ENTRY schan_QueryContextAttributesW( TRACE("context_handle %p, attribute %#lx, buffer %p\n", context_handle, attribute, buffer);

- if (!context_handle) return SEC_E_INVALID_HANDLE; - ctx = schan_get_object(context_handle->dwLower, SCHAN_HANDLE_CTX); + if (!context_handle || !(ctx = schan_get_object(context_handle->dwLower, SCHAN_HANDLE_CTX))) + return SEC_E_INVALID_HANDLE;

switch(attribute) { diff --git a/dlls/secur32/tests/schannel.c b/dlls/secur32/tests/schannel.c index f0b0b20b08a..5153c9b4a1e 100644 --- a/dlls/secur32/tests/schannel.c +++ b/dlls/secur32/tests/schannel.c @@ -1529,6 +1529,10 @@ static void test_communication(void)

done: DeleteSecurityContext(&context); + + status = QueryContextAttributesW(&context, SECPKG_ATTR_REMOTE_CERT_CONTEXT, (void*)&cert); + ok(status == SEC_E_INVALID_HANDLE, "QueryContextAttributesW(SECPKG_ATTR_REMOTE_CERT_CONTEXT) got %08lx\n", status); + FreeCredentialsHandle(&cred_handle);

CertFreeCertificateContext(cert);